Raze your Limits...
Legal

Privacy Policy

Last updated:

This privacy notice describes how Raze S.R.L. processes the personal data of users who visit the website razehub.it, in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR) and Italian Legislative Decree 196/2003 as amended by Legislative Decree 101/2018.

1. Data Controller

The Data Controller is Raze S.R.L., with registered office at Via IV Novembre 84, 23868 Valmadrera (LC), Italy, VAT No. IT04229070133.
For any request regarding the processing of personal data, you may contact us at: info@razehub.it.

2. Data collected and purposes of processing

2.1 Browsing data

The computer systems and software procedures used to operate this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.

This category includes: IP addresses, browser type and version, operating system, requested page URL, date and time of visit, and HTTP status code.

This data is used solely for the purpose of obtaining anonymous statistical information on the use of the website and to verify its correct operation. Technical data is retained for a period not exceeding 30 days and subsequently deleted.

2.2 Data voluntarily provided by the user

The optional, explicit and voluntary sending of messages to the contact addresses indicated on this website entails the subsequent acquisition of the sender's address and any other personal data included in the communication. Such data is used exclusively to respond to the request received and is not disclosed to third parties.

3. Legal basis for processing

The processing of browsing data is based on the legitimate interest of the Controller (Art. 6(1)(f) GDPR) in ensuring the security and correct operation of the website. The processing of data voluntarily provided is based on the consent of the data subject (Art. 6(1)(a) GDPR) or, where applicable, for the performance of pre-contractual measures (Art. 6(1)(b) GDPR).

4. Processing methods and retention

Data is processed using automated tools, adopting appropriate technical and organisational measures to protect confidentiality and prevent unauthorised access.

Browsing data is deleted within 30 days of collection. Data voluntarily provided is retained for the time strictly necessary to handle the request and, in any case, for no longer than 2 years from receipt.

5. Disclosure to third parties and data processors

Personal data is not sold, transferred or disclosed to third parties for marketing or profiling purposes. It may be disclosed to the following technical service providers acting as Data Processors pursuant to Art. 28 GDPR, on the basis of appropriate contractual agreements (DPA):

  • Cloudflare, Inc. โ€” hosting services (Cloudflare Pages), content delivery network (CDN), security and performance optimisation. Cloudflare processes browsing data (IP address, HTTP headers) necessary for service delivery. Cloudflare is certified under the EU-US Data Privacy Framework. Privacy policy: cloudflare.com/privacypolicy.
  • assets.gpkingdom.it โ€” CDN infrastructure owned by the Controller, used to deliver static resources (images and videos). Loading these resources involves the transmission of the user's IP address to the server hosting that domain.

6. International data transfers

Personal data is processed primarily within the European Economic Area (EEA). Cloudflare, Inc. is based in the United States and is certified under the EU-US Data Privacy Framework (European Commission adequacy decision of 10 July 2023), ensuring an adequate level of protection pursuant to Art. 45 GDPR. Where necessary, Cloudflare also applies the Standard Contractual Clauses (SCCs) approved by the European Commission pursuant to Art. 46(2)(c) GDPR.

7. Rights of the data subject

Pursuant to Articles 15โ€“22 GDPR, the data subject has the right to:

  • obtain confirmation of the existence of personal data concerning them and access its content (Art. 15);
  • obtain the rectification of inaccurate data or the completion of incomplete data (Art. 16);
  • obtain the erasure of data, where the conditions are met (Art. 17);
  • obtain the restriction of processing (Art. 18);
  • receive their data in a structured format (portability, Art. 20);
  • object to processing in the cases provided for (Art. 21);
  • lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it).

To exercise your rights, you may contact us at info@razehub.it. We will respond within 30 days of receiving your request.

8. Cookies

For detailed information on the use of cookies on this website, please refer to our Cookie Policy.

9. Changes to this notice

Raze S.R.L. reserves the right to amend this privacy notice at any time. Changes take effect from the date of publication on the website. You are encouraged to review this page periodically.